Thursday 23 February 2012

Abuse of power - why Windows Security Fails...

Windows has one very nasty habit that it has kept since the first days of its creation. It's a habit so deadly that Windows has never really been able to ditch it (despite several attempts), and rather like a junkie always needing one last desperate fix, Windows defends its use, and will continue to use it, until the bitter end... I am, of course, referring to default administrative rights.

Back in the old days of DOS (that's the operating system before Windows - some of us over-40s are quite fond of it), networks existed only in business, and one user / one computer was the norm. In those days, the idea of multiple users was more for large scale computing, such as big business or Universities. From these hot-beds came the idea of networks, multiple users on one machine, and user rights. In short, a human needed a user account to use a computer, and that account needed access rights to use files/printers/resources - all this, controlled by an Administrator: the one person deemed trustworthy enough to organize these resources on the User's behalf.

Microsoft had already created Windows - not as an Operating System at first, but as a Window Manager - that is, a nice, graphical way to view your files, edit notes etc. Windows was not the first, but it became the most popular, and in the way that popular things do, it created demand. There was now a demand for Windows to have network access to files, printers and resources, but Windows was a single user environment.

Enter "Windows for Workgroups" - Microsoft's answer to the network problem. Windows could now access network files, share network resources, and assign user rights - right? Wrong - Windows could assign network rights to other people / computers, but it was still a single user environment, and that user had FULL Administrator access to the computer. Microsoft got it right with Windows NT however - a version of Windows DESIGNED to be a computer server. It had users, printers, rights... but the USER computers that used its resources were still running WFW - single user, full Administrative access to their own machine. The users HAD to have Administrative access to install printers, device drivers, anything that was actually useful. This problem would continue for a VERY long time...

In 1995, Microsoft tried again, and released Windows 95. 95 was Windows For WorkGroups with a new front end, as well as some improvements to the back end engine, but it was still essentially the same Windows / DOS combination that WFW was, and it shared the same single user philosophy. Yes, you could have separate user profiles, but each user was still "the Administrator". We also now had "Windows Update" - Microsoft could keep your computers up-to-date for you, but they could only do it if the user had full access to the machine...

Then came Windows NT4, and NT4 Workstation. These were versions of Windows designed for full network use, and actually had true user accounts in practice. Now, only the Administrator could make system changes to the machine, and everyone else could be users of lesser power... except that users expected to be able to do things the way they were used to. People now had PCs running Windows at home, and the "single user" experience was what they were used to. The users also had to keep the machine up to date with the latest patches, to stop the growing virus threat, so the average user STILL had to have administrative access. Savvy network admins locked down the machines as best they could, but those who didn't know better still allowed the standard users full Administrator access - is it any wonder that Windows is responsible for more viruses spreading than any other operating system?

In 98, we had Windows 98, and then Windows ME, and once again, Microsoft dropped the ball, allowing the Single User ethos to continue. 2000 brought Windows 2000 / Server 2000 and for the first time, Windows on both Client AND desktop had the notion of access rights. This should have been the turning point for Microsoft - their poor record of virus spreading and compromised security should have stopped here... but it didn't. In fact, it spread like wildfire. By default, new users in the client environment were MADE administrators!!! This madness carried on, and by the time of Windows XP, was commonplace.

Windows Vista tried to do something about it, by alerting the user when administrative access was required - but all the user had to do was click a button and say "ALLOW". Give a user a button that says "ALLOW", and they'll always press it...

Windows 7 went one step in the right direction, by getting rid of the Administrator account - but not before granting the first user set up FULL ADMINISTRATOR ACCESS...

In the UNIX/Linux world, we have the ROOT account. You can do anything with the root account, but it is never used as the primary account for users. This is the primary reason why UNIX/Linux computers are inherently safer than Windows ones.

Below are two links that you may find useful at some point - the first tells you ways you can manually remove spyware from your computer (always useful knowledge), the second explains why running as the Administrator is such a bad idea...



http://www.codinghorror.com/blog/2007/06/how-to-clean-up-a-windows-spyware-infestation.html

http://www.codinghorror.com/blog/2007/06/the-windows-security-epidemic-dont-run-as-an-administrator.html

Running as Administrator is like Arnie armed to the teeth, walking through a Nursery class - a friendly fire incident waiting to happen...
